Answer the question
In order to leave comments, you need to log in
Can ransomware devour ESXi?
For example, I have a VMware hypervisor installed without a host OS, and there I have 1 virtual machine with a server. I made a server clone just in case. So, attention to the question. Can a ransomware eat my clone? If it, in fact, can only act from under the OS.
Answer the question
In order to leave comments, you need to log in
In principle, the way out is very difficult, unless it is a virus written specifically for hypervisors, plus even a heaped encryptor cannot eat a cloned system and data in general, subject to at least basic security rules:
1. The account on running machines should not be Administrative for the domain , if it is up, and the account should not have access rights to the hypervisor through AD
2. In virtual machines, the clipboard and direct file transfer (drag and drop) between it and the host machine should be disabled.
3. Virtual machines should not have access to a shared ball that can be written to (ideally, they should generally be on their own isolated network)
4. Archives with images should be in folders where only the backup user has access, and even the system account, not to mention the admin account, does not have access there.
These four minimum rules have saved more than one system
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question